Name | Description | Size | Format
---|---|---|---
 | | 1.45 MB | Adobe PDF
Abstract(s)
The significant growth in modern communication technologies has led to an increase in zero-day vulnerabilities that degrade the performance of industrial cyber-physical systems (ICPS). Distributed denial of service (DDoS) attacks are one such threat: they overwhelm a target with floods of packets, posing a severe risk to the normal operations of the ICPS. Current solutions to detect DDoS attacks are unsuitable for resource-constrained ICPS. This study proposes actively detecting multiscale flooding DDoS attacks in resource-constrained ICPS by analyzing network traffic in the frequency domain. A two-phased technique detects attack presence and attack volume. Both phases use a novel combination of lightweight and theoretically sound statistical methods. The effectiveness of the proposed technique is evaluated using mainstream metrics such as true and false positive rates, accuracy, and precision on the BOUN DDoS 2020 and CICDDoS 2019 datasets. An implementation of the proposed approach on a programmable logic controller-based ICPS demonstrated improvements in resource usage and detection time compared to the existing state-of-the-art.
Keywords
Computer crime; Denial-of-service attack; Discrete Fourier transform; Distributed denial of service (DDoS); Electronic mail; Euclidean distance; Fast-entropy; Industrial cyber-physical system (ICPS); Jaccard similarity; Market research; Resource-constrained; Security; Spectral analysis; Surveys
Citation
Zahid, Farzana; Kuo, Matthew M.Y.; Sinha, Roopak; Funchal, Gustavo Silva; Pedrosa, Tiago; Leitão, Paulo (2024). Actively detecting multiscale flooding attacks & attack volumes in resource-constrained ICPS. IEEE Transactions on Industrial Informatics. ISSN 1551-3203. p. 1-9
Publisher
IEEE